Vulnerability in Linux Kernel Affects Dell WMI Data Retrieval
CVE-2025-38412

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38412?

A vulnerability exists in the Linux kernel related to the dell-wmi-sysman component. This issue arises when WMI data blocks are retrieved within sysfs callbacks without adequate validation checks. If the integrity of these data blocks is not verified, it may lead to unsafe dereferencing, potentially impacting system stability and security.

Affected Version(s)

Linux e8a60aa7404bfef37705da5607c97737073ac38d < 92c2d914b5337431d885597a79a3a3d9d55e80b7

Linux e8a60aa7404bfef37705da5607c97737073ac38d < 68e9963583d11963ceca5d276e9c44684509f759

Linux e8a60aa7404bfef37705da5607c97737073ac38d < 0deb3eb78ebf225cb41aa9b2b2150f46cbfd359e

References

https://git.kernel.org/stable/c/92c2d914b5337431d885597a7...

https://git.kernel.org/stable/c/68e9963583d11963ceca5d276...

https://git.kernel.org/stable/c/0deb3eb78ebf225cb41aa9b2b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025